Vulnerabilities > Golang > GO > 1.14.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-06 | CVE-2023-24534 | Resource Exhaustion vulnerability in Golang GO HTTP and MIME header parsing can allocate large amounts of memory, even when parsing small inputs, potentially leading to a denial of service. | 7.5 |
| 2023-04-06 | CVE-2023-24536 | Allocation of Resources Without Limits or Throttling vulnerability in Golang GO Multipart form parsing can consume large amounts of CPU and memory when processing form inputs containing very large numbers of parts. | 7.5 |
| 2023-03-08 | CVE-2023-24532 | Incorrect Calculation vulnerability in Golang GO The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars (a scalar larger than the order of the curve). | 5.3 |
| 2023-02-28 | CVE-2022-41722 | Path Traversal vulnerability in Golang GO A path traversal vulnerability exists in filepath.Clean on Windows. | 7.5 |
| 2023-02-28 | CVE-2022-41723 | Unspecified vulnerability in Golang GO A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. | 7.5 |
| 2023-02-28 | CVE-2022-41724 | Resource Exhaustion vulnerability in Golang GO Large handshake records may cause panics in crypto/tls. | 7.5 |
| 2023-02-28 | CVE-2022-41725 | Allocation of Resources Without Limits or Throttling vulnerability in Golang GO A denial of service is possible from excessive resource consumption in net/http and mime/multipart. | 7.5 |
| 2022-12-08 | CVE-2022-41717 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. | 5.3 |
| 2022-12-07 | CVE-2022-41720 | Path Traversal vulnerability in Golang GO On Windows, restricted files can be accessed via os.DirFS and http.Dir. | 7.5 |
| 2022-11-02 | CVE-2022-41716 | Unspecified vulnerability in Golang GO Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows. | 7.5 |